One Identity Active Roles Reviews

One Identity Active Roles is primarily used for Active Directory administration, delegation, delegated access control, user provisioning, and automating routine account management tasks.

One Identity Active Roles automatically creates user accounts with correct group memberships and permissions based on the department and role, which saves a lot of manual AD work during onboarding.

One Identity Active Roles is also used for auditing and approval workflows, especially for sensitive AD changes where better control and tracking are needed.

The best features One Identity Active Roles offers are delegated administration, automation workflows, centralized AD management, and the detailed auditing capabilities that make tracking changes much easier.

Delegated administration has made the biggest impact because it allows the different teams to manage specific AD tasks securely without giving full domain-level access.

The automation and approval workflows stand out significantly in larger environments, especially when consistency and better control over AD changes are needed.

One Identity Active Roles has positively impacted the organization by reducing a lot of manual AD administration work, improving access control, and helping standardize user management processes across the organization.

The UI of One Identity Active Roles could be more modern and responsive, and some advanced workflow configurations can feel complex during setup.

Better cloud integration and simpler reporting customizations would definitely improve the overall experience, especially in hybrid environments.

One Identity Active Roles has been in use for two years.

One Identity Active Roles is very stable.

One Identity Active Roles scales very well in large enterprise environments, especially for organizations managing multiple domains, hybrid AD setups, and high volumes of user provisioning tasks.

Customer support for One Identity Active Roles is great.

Before One Identity Active Roles, the organization mostly relied on native administrative Active Directory tools and manual processes. The switch was made for better automation, delegation, and centralized control over AD management.

A few other IAM and AD management solutions were evaluated before choosing One Identity Active Roles, including SalePoint, Microsoft Entra ID, and ManageEngine.

The integration of One Identity Active Roles with the existing IT infrastructure and directory services was fairly smooth overall since it works well with existing Active Directory environments, though some advanced integrations and workflow customization required extra planning and testing.

Clear ROI has been seen with One Identity Active Roles, mainly through the time savings and reduced manual administration. Onboarding, permission updates, and account management tasks that used to take a lot of manual effort are now largely automated and completed much faster.

The pricing, setup cost, and licensing of One Identity Active Roles are definitely enterprise-focused, but the value from the automation, delegation, administration, and the reduced manual AD effort makes the investment worthwhile in large environments.

My advice to others looking into using One Identity Active Roles is to plan your delegation model and automation workflows carefully before deployment because the platform delivers the most value when roles, approvals, and AD processes are well-structured from the beginning.

One Identity Active Roles has been a reliable solution for improving AD governance, reducing manual administration, and enforcing better access control across the environment. The overall review rating for One Identity Active Roles is 8 out of 10.

Hybrid Cloud

Microsoft Azure

I am an end user of One Identity Active Roles for internal access and system purposes. When I need access to an internal dashboard to analyze business data for a project, I raise a request through One Identity Active Roles. The request goes through the approval process, and once approved, I am granted access without needing to contact the IT team directly. This helps me complete my tasks on time, and the status can be easily tracked so I do not have to manually follow up. The approval workflow makes the process secure and smooth, and even though I am not from a technical background, it helps me significantly.

I use One Identity Active Roles to gain access to some particular tools that are shared among multiple interns in my company.

The best feature that One Identity Active Roles offers is the approval flow, which gives access only to authorized persons, making the process secure. The user-friendly interface allows someone without a technical background to apply for the tools needed and be given access.

The approval process makes things more secure and efficient. This process prevents unauthorized and accidental access to sensitive tools and data, which are major concerns for my company. I have been told to access some particular tools and data through that portal only.

One Identity Active Roles has made things more organized and secure across the company. It has also reduced the need to contact IT administrators directly, saving time for both me and the IT staff. During the orientation program, I was informed that the use of this tool has reduced the IT team's workload. Previously, the IT team needed to provide the tool and monitor who was using it, but now with this tool, they do not have to specifically check on who is accessing the tools and data.

The IT team has reduced their workload by around four hours, although I do not know the specific hours saved. Access to the tools has become much faster; as soon as I apply, it goes through the approval process, and if the tool is required, then access is provided to me or any other IT intern.

One Identity Active Roles could be improved by speeding up the approval process, especially for urgent access requests. Sometimes I need urgent approval, and then I have to call the IT team to manually pass my approval. An option to flag that I need the tool urgently would help the IT team know to expedite that approval in the future. I have seen times when I need a tool urgently, but the process takes time.

The dependency on approval sometimes causes delays, which can slow down urgent work that I am doing, particularly as my position as an intern has been growing.

By the first of May, it has been approximately two months since I have been working in my current field.

One Identity Active Roles is quite stable, and I have not seen any downtime or crashes in my use case.

One Identity Active Roles is a great tool, pretty scalable, and stable for the daily purposes we are using it for. It can be easily deployed in the company, and it is a stable solution for non-technical users like myself.

I received one or two days of training to use all One Identity tools utilized in my company, such as One Identity Active Roles, One Identity OneLogin, and Safeguard Manager, which are all great tools. I would rate this review a 7.5 out of 10.

I have been using One Identity Active Roles for almost a year.

Our main use case of One Identity Active Roles is automating AD and user lifecycle management. When HR creates a new hire record, One Identity Active Roles automatically creates an Active Directory account, assigns the correct group based on the employee's department and role, reversely provisions the mailbox, and applies appropriate permission. What used to take twenty to thirty minutes of manual work across multiple teams can be completed in just a few minutes with minimal administrator involvement. Similarly, during offboarding, the workflow can automatically disable accounts, remove group membership, and trigger access revocation, helping improve security and consistency while reducing manual efforts.

The best features One Identity Active Roles offers are automated user lifecycle management, Role-Based Access Control, approval workflows, dynamic group management, and audit and compliance reporting.

Out of those features, I find myself relying on Role-Based Access Control in One Identity Active Roles the most day-to-day. It makes work easier by allowing help desk and regional IT teams to manage user accounts, reset passwords, update group membership, and perform other routine tasks without being granted full AD administrator rights. This reduces the risk of accidental changes, improves security, and eliminates many of the routine requests that would need senior administrators.

One Identity Active Roles has positively impacted my organization by enabling a faster onboarding and offboarding process, fewer administration errors, and better security posture because privileged AD access is tightly controlled and delegated via RBAC. Additionally, IT ticket volume has been reduced, with commonly seen reductions in the range of twenty to fifty percent fewer AD-related tickets. The major drops in ticket areas are password reset, group membership changes, and new user provisioning requests. Onboarding and offboarding has been reduced from thirty to sixty minutes to five to ten minutes, and processes that previously took around one to two hours are now completed in just a matter of minutes.

I am currently happy with the solution, and in case any improvement is required, I will update my review. I note that the initial deployment can be complex.

I have been working in my current field for almost more than three years.

One Identity Active Roles is very stable.

The scalability of One Identity Active Roles is very high and meets all demands.

For me, customer support is neutral, neither good nor bad.

We have not used any different solution previously.

The ease or difficulty of integrating One Identity Active Roles with my existing IT infrastructure and directory services is generally moderate, sometimes it is easy, while at other times it is complex since we must monitor post-production things after the implementation to ensure everything goes smoothly. All users should show in One Identity Active Roles, and this measurable improvement needs monitoring, but overall, it is not complex.

I have seen a return on investment, as there are relevant metrics for money or time saved and fewer employees needed; less money is spent, which can be invested in other projects.

We have not evaluated other options before choosing One Identity Active Roles.

I advise others looking into using One Identity Active Roles to set up a demo and conduct a POC based on your use case. If you have a large enterprise, then onboard this solution, but it depends on your budget. I gave this review a rating of eight out of ten.

Public Cloud

Amazon Web Services (AWS)

My main use case for One Identity Active Roles is automation.

One specific example of how I use automation with One Identity Active Roles is through automated employee onboarding, where when HR shares new employee details, the system automatically creates an Active Directory account, assigning it to the correct OU, group membership, email attributes, and permission based on the employee's department or role. This significantly reduces manual efforts, provisioning time, and configuration errors.

Using One Identity Active Roles, we consolidate multiple manual Active Directory administration processes and native management tools into a single, centralized platform for user provisioning, delegation, RBAC, automation, and auditing.

The best features of One Identity Active Roles are automation, delegated administration, role-based access control, approval workflows, policy enforcement, and auditing, as these features simplify Active Directory management, improve security, reduce manual efforts, and enhance compliance.

The feature that has made the biggest difference for me in One Identity Active Roles is automation, especially automated user provisioning and de-provisioning, because it significantly reduces manual Active Directory tasks, minimizes errors, improves consistency, and accelerates onboarding and off-boarding processes.

Additionally, the delegated administration and auditing features in One Identity Active Roles are very valuable as they improve security by limiting excessive privilege and provide centralized tracking of Active Directory changes for compliance and governance.

One Identity Active Roles positively impacts our organization by reducing manual Active Directory administration, improving security through delegated access and RBAC, speeding up onboarding and off-boarding processes, reducing service desk workload, and enhancing compliance.

One Identity Active Roles can be improved with a more modern and intuitive user interface, better reporting and analytics, simplified workflow customization, enhanced troubleshooting tools, and stronger cloud and hybrid identity integration capabilities for large enterprise environments.

I have been working in my current field for the last two years.

One Identity Active Roles is generally very stable and reliable in enterprise environments with consistent performance for Active Directory automation, delegated administration, and identity management tasks when properly configured and maintained.

One Identity Active Roles scales very well for enterprise environments and can efficiently manage thousands of users, groups, and Active Directory objects through centralized automation, delegated administration, and policy management without significant performance issues.

Customer support for One Identity Active Roles has been generally good with knowledgeable technical teams and effective assistance for deployment, troubleshooting, and Active Directory integration issues, although response time for complex escalations can sometimes be slower.

Before implementing One Identity Active Roles, we mainly used native Active Directory tools and a manual administration process along with basic PowerShell scripting. We switched because One Identity Active Roles provides centralized management, automation, delegation, RBAC, and better compliance and auditing capabilities.

I assess the integration of One Identity Active Roles as moderately easy, around a four out of ten in difficulty, because the core integration with Active Directory and existing Microsoft infrastructure is straightforward.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

We achieve a strong ROI with One Identity Active Roles through approximately a forty to fifty percent reduction in service desk workload, faster user provisioning from hours to minutes, fewer manual administration errors, and improved compliance and audit efficiency.

My experience with pricing, setup cost, and licensing with One Identity Active Roles has been generally positive, as the license is enterprise-based and setup requires moderate effort for Active Directory integration and workflow configuration, but the solution provides strong value through automation and delegation.

Before selecting One Identity Active Roles, we evaluated options such as Microsoft Identity Management and SailPoint IdentityIQ, but we chose One Identity Active Roles because of its strong Active Directory integration, automation, and delegated administration.

My advice to others considering One Identity Active Roles is to carefully plan the RBAC model, workflow, and delegation structure before deployment, start with a pilot implementation, and fully utilize its automation and auditing features to improve Active Directory, security, compliance, and operational efficiency. I would rate this solution an eight out of ten.

My primary use case for One Identity Active Roles is to handle day-to-day Active Directory operations that allow different teams to perform tasks without giving them full administrative password or access. This enables management in a safer mode and in the most organized way.

In daily operation, the help desk handles password resetting or account unlocking without admin rights. This is our real-time example. When new users are created in Active Directory, the configurations are automatically applied. This really helps in automating the workload and reducing human errors.

The best features of One Identity Active Roles are its automated features, provisioning or deprovisioning users, and its role-based permission handling where access is assigned through roles instead of giving full permission individually. This simplifies management in a large environment.

The auto-provisioning or role-based permission handling makes my daily work easier and more efficient because it automates our environment since we don't have to manually onboard or deboard employees. It is totally automated which helps in reducing the workload of the IT team by about 50 to 60 percent. This makes our job easier and efficient without having human errors.

One Identity Active Roles has had a great positive impact on our organization. It has really made administrator directory management easy in a controlled way and has improved security due to reduced direct access to applications or systems, thus saving time.

I can say we have a positive impact in terms of metrics. It has really reduced administrative efforts, with a 40 to 60 percent decrease in time spent on routine Active Directory tasks such as user creation, password resetting, or any group changing for employees. This really helped the team to handle requests without any escalations and also allowed for faster user provisioning.

Any improvement needed as of now is non-existent; it is perfectly working in my environment. One Identity Active Roles provides great features with a smooth process.

The initial setup of One Identity Active Roles can be more simplified. Apart from this, everything is perfect.

I have been using One Identity Active Roles for more than four years.

One Identity Active Roles is stable.

The scalability of One Identity Active Roles is excellent and matches our organization's growth.

The customer support for One Identity Active Roles is excellent in their technical part and provides resolution for any technical issues.

Since I started, we have been using One Identity Active Roles only as our solution.

The initial setup of One Identity Active Roles can be more simplified.

My experience with pricing, setup cost, and licensing was straightforward. We have great teaming with the vendor sales team, so there is no issue with the pricing or setup cost or licensing. They really helped in the procurement of the solution.

We have seen a great return on investment in using One Identity Active Roles after deployment, both in terms of cost savings and operational efficiency.

My experience with pricing, setup cost, and licensing was straightforward.

We have not evaluated other options before choosing One Identity Active Roles.

I don't have any additional thoughts about my main use case. I don't want to add anything else about the features. I would really recommend One Identity Active Roles to others looking into using it. I have given this review a rating of 8.

On-premises

When a new user is created, predefined rules automatically apply naming standards and assigned groups. This reduces manual tasks while ensuring consistency across all operations. It prevents and avoids mistakes during the account setup.

One Identity Active Roles has helped us improve security with smooth processes. It provides role-based control that ensures every action in the AD follows the rules. This provides great outcomes and improvements in our organization's process.

We have seen fewer mistakes and it is saving our time. It provides great centralized control and security by limiting access rights. These are the positive outcomes we are experiencing.

The best feature of One Identity Active Roles is its ability to control delegations. It allows us to assign limited access to team members based on their roles and responsibilities. This helps us reduce risk while keeping operations smooth and provides more secure AD management.

Delegating tasks like password resets has impacted positively in our organization and has helped us to smoothen and speed up our work. It allows organizations to control user accounts, their permissions and changes in a more structured and simpler way. This helps improve both security and the application process.

I do not see anything that needs to be changed as of now concerning the organization's needs because it is working very well and it is providing great features with great processes. The initial setup could be simpler because sometimes it feels like it should be more straightforward.

I have been working in my current field for more than eight years. I have been using One Identity Active Roles for more than three years.

The vendor is ready to provide technical support 24/7 and able to resolve issues in a given timeline with proper root cause analysis of the issue.

We have not evaluated other options.

I had a great experience with the pricing, setup cost, and licensing because the sales team of the vendor was very helpful during all of this procedure and process.

I have seen a good return on investment with One Identity Active Roles. It is helping us to save our efforts and time to manage all these processes and tasks within the time limit. It is saving our team time as well as the money of the organization.

I highly recommend One Identity Active Roles for any organization looking for strong management of their Active Directory in their environment with strong control, automation, and security features. Organizations can consider this solution the best fit. I also advise starting with the basic configuration and expanding gradually while providing proper training to the IT team. This will be helpful and beneficial over time. I give this product a rating of 9 out of 10.

On-premises

Other

One Identity Active Roles is used primarily to enforce policy-based control on Active Directory objects, which ensures all changes follow defined rules and workflows, helping us maintain data integrity and governance across our entire architecture.

Policy-based management enforces rules on Active Directory operations such as user creation, modification, and deletion, ensuring that naming conventions and mandatory attributes are applied, which helps us prevent misconfiguration.

One Identity Active Roles offers strong role-based access control and delegation capabilities that improve security by limiting admin privilege, supports automation, and has a powerful policy engine for enforcing standard policies, ensuring consistency across Active Directory operations, which reduces misconfiguration. It also provides comprehensive audit and reporting features that improve visibility into changes.

Compliance with the Active Directory environment has really helped us with audit and reporting capabilities.

One Identity Active Roles has positively impacted our organization by increasing efficiency through automating routine tasks and improving governance through approval workflows, making our Active Directory management workload more structured.

We have seen that it has reduced manual work and we have noticed a reduction in human errors along with a decrease in time efforts, so our team is now able to handle more workload than before.

One Identity Active Roles is working well for our environment and we have not seen anything that needs to be improved as of now. However, the initial setup and configuration can be complex for a new engineer or new organization, requiring Active Directory expertise, which increases deployment effort. The initial setup could be simplified.

I have been using One Identity Active Roles for more than four years.

One Identity Active Roles is stable.

Scalability-wise, there is no issue, and it matches our organization's growth.

I have interacted with the customer support team multiple times, and they are ready to support at any time whenever we raise a ticket, providing concrete solutions for any kind of challenge.

From day one, we have been using One Identity Active Roles and have not used any different solution.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have seen a good return on investment because the automation feature has reduced manual efforts by around thirty to fifty percent and improved efficiency with reduced workload, saving our engineers time.

I had a great experience with the setup cost, pricing, and licensing costs because the sales team of the vendor is really helpful during the entire procurement of the solution, and we are grateful and happy with the support provided by the vendor sales team.

We have not gone for the evaluation of other options.

One Identity Active Roles is a great solution to consider for Active Directory management and for enforcing policies, central management, and great visibility, which will be helpful for any organization. I would also advise starting with defining the roles and whatever policies need to be implemented to ensure smooth deployment. I rate this product a ten out of ten.

On-premises

Other

One Identity Active Roles is used for automated user lifecycle management and delegated administration across AD environments and infrastructure. When a new employee joins the organization, their account is created automatically based on their department, post, and location, eliminating manual work.

When an employee moves to a different department, their access is automatically updated to reflect their roles. During the onboarding process, data is fetched from HR tools, and based on this fetched data, the access needed for employees is automatically assigned and sent. Whenever a user moves to a different department, their posts are automatically updated and reflected in their roles.

One Identity Active Roles offers exceptional features, including a delegation model that combines policy enforcement. The solution allows the help desk team to be given the exact permissions they need, enabling them to reset passwords, unlock accounts, and update phone numbers without granting them access to areas they should not touch, such as group membership or admin accounts. Every action taken follows the defined policy automatically, making this the favorite feature of the solution.

This automated delegation saves significant time for the team, as it has changed how IT operations work. Previously, a constant flood of routine requests landed on the admin team, who were already busy with substantial work. Now, such tasks are automated rather than performed manually.

One Identity Active Roles enables time savings with password resetting and account unlocking, which used to consume significant management time but are now automated. The solution also provides improved flexibility, policy enforcement that eliminates human errors, and seamless Active Directory integrations. A substantial amount of time has been reduced, and human errors have decreased.

There are no features missing; however, the initial setup could be simpler. Apart from this, everything is smooth.

One Identity Active Roles has been in use for more than three years.

There are no additional thoughts to comment on regarding the main use case. One Identity Active Roles is perfectly adequate as of now. One Identity Active Roles is recommended as one of the best solutions currently in the market since it addresses many issues such as risks faced, inconsistent account setup, excessive admin privileges, lack of audit trails, and manual provisioning errors, all of which can be resolved with this solution. This review has been given a rating of eight.

On-premises